We have a medium-sized network of around 200 nodes and are currently in the process of replacing old daisy-chained switches with stackable or chassis-style switches.
Right now, our network is broken up via subnets: production, management, intellectual property (IP), etc., each on a separate subnet. Would creating VLANs instead of subnets be more beneficial?
Our general goal is to prevent bottlenecks, separate traffic for security, and to manage traffic with more ease.
Best Answer
VLANs and subnets solve different problems. VLANs work at Layer 2, thereby altering broadcast domains (for instance), whereas subnets are Layer 3 in the current context.
One suggestion would be to actually implement both.
Have, for instance, VLAN 10 - 15 for your different device types (Dev, Test, Production, Users, etc.).
VLAN 10, you may have the subnet 192.168.54.x/24
VLAN 11, you may have the subnet 192.168.55.x/24
And so on.
This would require that you have a router within your network, though.
It's kind of up to you what route you go down (you know your network better than I ever will). If you think that the size of your broadcast domain will be some kind of issue, then use VLANs. If you think that the size of your network management domains (for instance, your management network) will be an issue, then possibly use a network closer to a /16 over a /24.
Your 200 nodes will fit into a /24, but that obviously doesn't give you much scope for growth.
By the sound of it, you're already using different subnets for different device types. So, why not stick with that? You could, if you wanted, tie each subnet to a VLAN. Layer 2 segmentation will result in the behaviour of your network changing from how it behaves currently, though.
You would have to investigate the potential impact of that.
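
The VLAN-per-subnet layout suggested in the answer, worked through as an added example (not part of the original answer): it checks a plan for invalid VLAN IDs and overlapping subnets, compares /24 and /16 capacity, and shows which flows stay inside one VLAN and which must cross the router, where filtering between segments can be applied. VLAN 10 and 11 and their /24s come from the answer; the segment names, VLAN 12 and the function names are assumptions.

```python
import ipaddress

# Constructed plan. VLAN 10/11 and their subnets are from the answer;
# the names and the VLAN 12 entry are assumptions for illustration.
PLAN = {
    10: ("dev", "192.168.54.0/24"),
    11: ("test", "192.168.55.0/24"),
    12: ("production", "192.168.56.0/24"),
}

def validate_plan(plan):
    """Return a list of problems: VLAN IDs outside 802.1Q range, overlapping subnets."""
    problems = []
    nets = {}
    for vid, (_name, cidr) in plan.items():
        if not 1 <= vid <= 4094:
            problems.append(f"VLAN {vid}: ID outside 1-4094")
        nets[vid] = ipaddress.ip_network(cidr)
    vids = sorted(nets)
    for i, a in enumerate(vids):
        for b in vids[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"VLAN {a} ({nets[a]}) overlaps VLAN {b} ({nets[b]})")
    return problems

def usable_hosts(cidr):
    """Host addresses in a subnet, excluding network and broadcast (prefixes up to /30)."""
    return ipaddress.ip_network(cidr).num_addresses - 2

def vlan_of(plan, addr):
    """VLAN ID whose subnet contains addr, or None if no segment matches."""
    ip = ipaddress.ip_address(addr)
    for vid, (_name, cidr) in plan.items():
        if ip in ipaddress.ip_network(cidr):
            return vid
    return None

def path(plan, src, dst):
    """'switched': same VLAN, never reaches the router, so router ACLs do not see it.
    'routed': crosses VLANs via the router, where inter-segment filtering can apply."""
    s, d = vlan_of(plan, src), vlan_of(plan, dst)
    if s is None or d is None:
        return "unknown"
    return "switched" if s == d else "routed"

if __name__ == "__main__":
    print(validate_plan(PLAN) or "plan OK")
    print("/24 hosts:", usable_hosts("192.168.54.0/24"))
    print("dev -> test:", path(PLAN, "192.168.54.10", "192.168.55.20"))
```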